OpenBSD Journal

Dynamic adding of addresses to spamd from output of spamdb

Contributed by grey on from the creative ideas to try for yourself dept.

Claes Ström shares with us the following spamd recipe that undeadly readers may find useful. Please feel free to discuss it further in the comments area. Follow the read more link to see the whole text.

On my "personal" smtp gateways where I run spamd with greylisting (before Postfix with "Anti-UCE") I figured out that I could dynamically catch spammers from the output of spamdb and add to my own local spamd blacklist file.

Mini HOWTO:

Become root (su -)

Enable spamd with greylisting in /etc/rc.conf:

spamd_flags="-v"
spamd_grey=YES
Edit /etc/spamd.conf to use your own blacklist also:
all:   :spamhaus:china:korea:spews2:myblacklist:
.
.
myblacklist:\
:black:\
:msg="SPAM. Your address %A is in my spammer list.":\
:file=/var/mail/myblacklist.txt
Create the script which is going to do the "thing":

cd
mkdir bin # If you don't have this dir or put it somewhere else..
`editor of choice` /root/bin/dynaddbl # Paste the the "code" below:

----
#!/bin/sh
MYBL=/var/mail/myblacklist.txt
FILTER="billing|sales|info|someother\@mydomain"

spamdb | \
egrep -i "$FILTER" | \
cut -d \| -f 2 >> $MYBL
sort -n $MYBL | uniq > $MYBL.new

mv $MYBL.new $MYBL
----

Save and Close the editor

Add entry in crontab (and enable spamd-setup if not done earlier):

crontab -e
.
.
0 2 * * * /usr/libexec/spamd-setup
30 * * * * /root/bin/dynaddbl

End of "Mini HOWTO"

I got this idea last night and it's not perfect, but with some help from some brains in this forum it could maybe be something good to add to the spamd concept. Catched addresses don't get into spamd table in pf before spamd-setup gets rerunned by spamd-setup (by cron).What do you think about this "addon"?

Regards
Claes Ström

PS
Why doesn't OpenBSD have Python 2.3.4 when every other "distro" have it (need it for upcoming beta of Zope3X)?

(Comments are closed)


Comments
  1. By bernd (80.86.183.232) on

    Please don't tell people to edit /etc/rc.conf. Use /etc/rc.conf.local instead.
    rc.conf(8)

    Comments
    1. By Gerardo Santana Gómez Garrido (201.129.52.223) santana at openbsd org mx on http://www.openbsd.org.mx/~santana

      Editing rc.conf is ok if you know what you're doing.

      Comments
      1. By schubert (66.75.202.53) on

        That's not the point. The reason you don't edit rc.conf is so you don't have to worry about changes to it after an upgrade. Yes you can do it, but its not very smart regardless of whether you know what you're doing or not.

  2. By Anonymous Cheese (68.125.86.22) on

    "Why doesn't OpenBSD have Python 2.3.4 when every other "distro" have it (need it for upcoming beta of Zope3X)?"

    You have a question, and I don't have an answer, but I'll tell you that using the "every other "distro" have it" argument will only work against you. OpenBSD doesn't do what every-one else does, and unless management is replaced, it will continue to be ahead of everyone else when it comes to security and efficiency.

    Also, comparing a "distro" to OpenBSD is not correct. Every Linux distribution is just that, and ad-hoc work. OpenBSD on the other hand, is a Operating System; keyword SYSTEM.

    Comments
    1. By Claes (82.182.34.80) on

      With distro I meant in first place FreeBSD and NetBSD.

      2.3.4 is most a bug fix release (release notes) and not a new feature relelase!

      Comments
      1. By Anonymous Coward (3ffe:8010:7:9303:20a:cdff:fe01:3f7d) on

        AFAIK FreeBSD does not have Python in its default install. It's available throught ports tree :)

      2. By Anonymous Cheese (68.125.86.22) on

        "With distro I meant in first place FreeBSD and NetBSD."

        "Distro" is slang, and commonly used within the Linux community. Don't expect the BSD community to embrace its use to generically describe *BSD. Culture shock can be just that, a shock. ;) I myself like Python and find it worthy of replacing or being along side Perl in the base system, but I don't think Perl or Python have any place in the base system at all.

  3. By Anonymous Coward (80.65.225.73) on

    Goot tip, thank you :).
    just a note: make sure that $MYBL.new and $MYBL couldn't be overwritten but by root (else symlinks could cause damage !).

    "Why doesn't OpenBSD have Python 2.3.4 when every other "distro" have it (need it for upcoming beta of Zope3X)?"

    Python 2.3.4 was released after OpenBSD 3.5. So it would hardly be in there ;)

    btw, I must admit that some important python tools are missing, like PyQt, xmlrpclib, soappy, m2crypto and even more important, the very widely used wxPython toolkit. Are them missing for political (licence, code quality ...) reasons ?

    Comments
    1. By Claes (82.182.34.80) on

      "Python 2.3.4 was released after OpenBSD 3.5. So it would hardly be in there ;)"

      I was thinking of the cvs of ports as a moving target. I have also looked into "ports" of Python for all "flavors" of BSD and all patches (lot of them) differs a lot between them. Which gets me away from trying to do my own pkg...

      BTW Nice that you liked my "idea" (with spamd)

      Comments
      1. By Fábio Olivé Leite (161.114.64.74) on

        Simple! Shut up and code! ports@ is waiting eagerly for your patches. :)

        And to the guy who "thought cvs was a moving target": CVS IS a moving target, otherwise I don't see how it would allow for any development at all. Perhaps your local repository isn't a moving target, because you have it set on a TAG. Read up on CVS and learn about update -A.

        Comments
        1. By Claes (82.182.34.80) on

          Of course do I knew how to cvs update, I'm running "current" on ports and src!!

          BTW I didn't found any contibutions in ports from you either ;-)

          Comments
          1. By Fábio Olivé Leite (161.114.64.75) on

            Heheheh but then you didn't see me complain as well. :)
            When I need something that's not on ports I fetch the source and compile and stay quiet about it. There's no reason to create and contribute ports which I will not have time to maintain myself, and I don't like putting more work over the ports maintainers.

      2. By Anonymous Coward (80.65.225.73) on

        I was thinking of the cvs of ports as a moving target

        Well, yes they are.
        But updates are very conservatives beetween releases (mainly bug/security patches are commited on -stable).

        That's why i said that: an interpreter upgrade is something that might break stuff (especialy since there is no viable update methods on openbsd packages, and you need to deinstall/reinstall all dependencies). Not a good candidate for an interim upgrade.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]